it’s old news, but oracle 11g expires passwords after 180 days, and locks you out if you mistype your password 10 times, and most DBAs don’t like that. It’s unsecure, but for client-server-applications a locked account is no single-user-annoyance, it’s a downtime killing SLAs, nerves and – hopefully not – DBA jobs. So just make your DEFAULT user profile less secure: